Duration: 25:23
Discover Vulnerabilities in Intel CPUs!

2022-08-11

[public] 10.8K views, 6.59K likes

LiveOverflow

In this video we explore the basic ideas behind CPU vulnerabilities and have a closer look at RIDL.

This video is sponsored by Intel and their Project Circuit Breaker: https://www.projectcircuitbreaker.com/

How to Benchmark Code Execution Times: https://www.intel.com/content/dam/www/public/us/en/documents/white-papers/ia-32-ia-64-benchmark-code-execution-paper.pdf

Anders Fogh: https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/

Speculose: https://arxiv.org/abs/1801.04084

RIDL Paper: https://mdsattacks.com/files/ridl.pdf

Foreshadow PoC: https://github.com/gregvish/l1tf-poc/blob/master/doit.c

Sebastian Österlund: https://osterlund.xyz/

Chapters:

00:00 - Intro & Motivation

00:57 - Concept #1: CPU Caches

01:57 - Measure Cache Access Time with rdtscp

05:00 - Concept #2: Out-of-order Execution

06:11 - CPU Pipelining

07:13 - Out-of-order Execution Example

09:19 - CPU Caching + Out-of-order Execution = Attack Idea!!

10:33 - Negative Result: Reading Kernel Memory From User Mode

13:45 - Pandora's Box

14:23 - Interview with Sebastian Österlund

17:24 - Accidental RIDL Discovery

19:31 - NULL Pointer Bug

21:50 - Investigating Root Cause

23:28 - Conclusion

24:24 - Outro

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow

→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/

→ Instagram: https://instagram.com/LiveOverflow/

→ Blog: https://liveoverflow.com/

→ Subreddit: https://www.reddit.com/r/LiveOverflow/

→ Facebook: https://www.facebook.com/LiveOverflow/

